Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.
While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.
This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.
Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.
As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.
5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This parser's matching function appears to be too generic as it matches
e.g. Buffalo WZR-HP-G300NH. That results in incorrect parts parsing.
Luckily this parser is needed by Fon FON2601 only which uses DT-based
ramips target. It means we can depend on mtd subsystem matching of
"fonfxc,uimage" string.
That said triggering this parser based on the "firmware" (or whatever
MTD_SPLIT_FIRMWARE_NAME is) partiiton name is not needed. It can be
dropped which will automatically fix the Buffalo WZR-HP-G300NH case.
Fixes: a1c6a316d2 ("ramips: add support for Fon FON2601")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This reverts commit e92a14709d.
mtdsplit_uimage_parse_fonfxc() gets called in two situations:
1) It was /requested/ from DT using "fonfxc,uimage" compatible string
2) It was called by parsing code after finding "firmware"
(MTD_SPLIT_FIRMWARE_NAME) due to the parser's type
Code added in the /fix/ commit basically just disabled the second case.
If that's the real goal it could be achieved by simply dropping type
MTD_PARSER_TYPE_FIRMWARE. It may however require another solution as
it's possible that some non-DT target actually needs fonfxc uImage
parsing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:
remove implicit include of sys/sysmacros.h from sys/types.h
this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
exposed the sysmacros.h macros (device major/minor calculations) for
BSD and GNU profiles to mimic an unintentional glibc behavior some
code depended on. glibc has deprecated and since removed them as the
resolution to bug #19239, so it makes no sense for us to keep this
behavior. affected code should all have been fixed by now, and if it's
not yet fixed it needs to be for use with modern glibc anyway.
Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Starting with version 1.1.15, musl supports powerpc64.
There are no known users of powerpc64 yet.
This is effectively a revert of 0de93311e1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
These legacy bindings were removed long time ago from dts, so there's no
need to keep support for them.
Spotted-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
GCC needs the kernel headers to compile.
Some GCC file includes asm/unistd.h which is provided by the kernel headers.
Normally the kernel headers build is very fast and ready before the gcc uses
it, but if it clones the kernel from a slow git repository it takes longer
and then it could be that the gcc already wants to use the kernel headers
before they are available. This patch fixes this problem by adding the
missing dependency.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
This commit fixes regression on Linksys WRT1900 (Mamba) where this device
doesn't have USB 3.0 controller integrated in SoC, instead it has Etron
EJ168 connected to PCIe lane. Previously enabled in kernel 4.4 and 4.9,
was lost in transition to 4.14.
Fixes: 4ccad92 ("mvebu: Add support for kernel 4.14")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This is already enabled as kernel built-in feature in mvebu target and
none other target will use it.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.
This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
WLAN0 and the unused LED are currently swapped. Fix this, so the LED
behavior matches the other OCEDo devices.
Signed-off-by: David Bauer <mail@david-bauer.net>
This adds support for several TP-Link devices based on TP9343
("a QCA9561 without PCIe and USB"):
- TL-WR940N v3
- TL-WR940N v4
- TL-WR941ND v6
The devices are only different concerning LEDs and MAC address
assignment.
All TL-WR940 are with non-detachable antennas (N), all
TL-WR941 devices are with detachable antennas (ND).
Specification:
- 750 MHz CPU
- 32 MB of RAM
- 4 MB of FLASH
- 2.4 GHz WiFi
- 4x 10/100 Mbps Ethernet
Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.
Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.66
2. Download *-factory.bin image and rename it to * (see below)
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.
* TFTP image names:
940 v3: wr941ndv6_tp_recovery.bin
940 v4: wr940nv4_tp_recovery.bin
941 v6: wr941ndv6_tp_recovery.bin
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hardware spec of DIR-842 C1:
SoC: QCA9563
DRAM: 128MB DDR2
Flash: 16MB SPI-NOR
Switch: QCA8337N
WiFi 5.8GHz: QCA9888
WiFi 2.4Ghz: QCA9563
USB: circuit onboard, but components are not soldered
Flash instructions:
1. Upgrade the factory.bin through the factory web interface or
the u-boot failsafe interface.
The firmware will boot up correctly for the first time.
Do not power off the device after OpenWrt has booted.
Otherwise the u-boot will enter failsafe mode as the checksum
of the firmware has been changed.
2. Upgrade the sysupgrade.bin in OpenWrt.
After upgrading completes the u-boot won't complain about the
firmware checksum and it's OK to use now.
3. If you powered off the device before upgrading the sysupgrade.bin,
just upgrade the factory.bin through the u-boot failsafe interface
and then goto step 2.
Signed-off-by: Jackson Lim <jackcolentern@gmail.com>
[fix whitespace issues]
Signed-off-by: David Bauer <mail@david-bauer.net>
This router has the same hardware as TP-LINK TL-WR841N/ND v11 (same
FCC ID, same TFTP image name...).
Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.
Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.66
2. Download *-factory.bin image and rename it to wr841nv11_tp_recovery.bin
(it's really v11, not v12)
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The TL-WR841N/ND v10 is mostly identical to the v9. Apart from some minor
changes, it contains a newer revision of the QCA9533 SoC and the CPU clock
is significantly higher.
Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.
Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.66
2. Download *-factory.bin image and rename it to wr841nv10_tp_recovery.bin
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
In commit 6c937df749 ("ar71xx: wpj531: fix GPIOs for LED") wrong GPIO
13 for SIG1/RSS1 LED was commited, the correct GPIO number for this LED
is 12.
It's listed in "Hardware Guide - wpj531 7A06 (02/07/2019)" as GPIO12/RSS1
on the LED header and same GPIO 12 is used in the vendor's SDK as well.
Fixes: 6c937df749 ("ar71xx: wpj531: fix GPIOs for LED")
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit subject/message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
We cannot distinguish between fonfxc uImage and generic uImage because
fonfxc uImage header is almost same as generic uImage, except padding
length after image name.
The fonfxc uImage parser is available when specifying directly with DT
compatible property. So this patch adds check if the partition DT node
is compatible with the parser.
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2413
Fixes: a1c6a316d2 ("ramips: add support for Fon FON2601")
Signed-off-by: NOGUCHI Hiroshi <drvlabo@gmail.com>
[commit light touches and removed C code comment]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes following issue reported by Coverity scan:
*** CID 1452085: Security best practices violations (TOCTOU)
/tools/firmware-utils/src/uimage_padhdr.c: 100 in main()
94
95 if (!infname || !outfname) {
96 usage(argv[0]);
97 exit(1);
98 }
99
>>> CID 1452085: Security best practices violations (TOCTOU)
>>> Calling function "stat" to perform check on "infname".
100 if (stat(infname, &statbuf) < 0) {
Fixes: a1c6a316d2 ("ramips: add support for Fon FON2601")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
When CONFIG_ARM64_MODULE_PLTS=y, arch/arm64/kernel/module.lds is
required to build cryptodev-linux. This updates the sdk to include this
file.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
wireless-regdb fails to build if there is python2 installed from package
feeds, as staging_dir/hostpkg/bin/python is python2 and
staging_dir/hostpkg/bin takes precedence over staging_dir/host/bin
(proper place with python -> python3 symlink) which leads to the build
failure of wireless-regdb, so this patch makes it explicit which python
should be used.
Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Russell Senior <russell@personaltelco.net>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Splits up DEVICE_TITLE into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT.
Fixes https://github.com/openwrt/openwrt/pull/2245
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
The DEVICE_TITLE introduced in 66458c49aa ("mediatek: add
v4.19 support") is mistyped. Fix it.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The [devm_]mdiobus_alloc[_size()] functions are creating
the array of interrupt numbers as well as initializing
them to POLLING.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The MDIO node will become more important in the future.
Hence, this patch adds DT labels to make the properties
inside the various subnodes more accessible.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Jo-Philipp Wich
Rafał Miłecki
Daniel Engberg
Koen Vandeputte
John Crispin
Petr Štetiar
Rosen Penev
Tomasz Maciej Nowak
Hauke Mehrtens
Jeffery To
David Bauer
Adrian Schmutzler
Hans Dedecker
Jackson Lim
DENG Qingfang
Leon M. George
NOGUCHI Hiroshi
Moritz Warning
Álvaro Fernández Rojas
Kevin Darbyshire-Bryant
Hauke Mehrtens
Christian Lamparter